How Wallarm WAF works

Unlike default cloud WAFs, Wallarm automates protection for apps and APIs with no manual tuning and investments into ongoing maintenance allowing the team to focus on different tasks. It scales. It works.

415 Brannan St, San Francisco, CA 94107
(415)940-7077
request@wallarm.com



2020 © Wallarm Inc.

Speaker

Who should attend: 

Learn how to leverage security automation in your cloud infrastructure, DevOps pipeline, and applications. Using the open-source Cloud Custodian tool you'll see how AWS CloudTrail, CloudWatch, and Lambda are used to implement automated infrastructure monitoring and remediation. Then you'll see how DevOps security automation and Infrastructure as Code is used to build a Blue/Green deployment infrastructure to quickly patch critical security vulnerabilities. Finally, using the open-source AWS WAF Security Automations project you'll see how it can be automatically deployed via your Jenkins CI/CD pipeline, how the WAF leverages Lambda for automation, and how it automatically blocks critical application vulnerabilities.

  1. #DevSec #AppSec #DevOps community 
  2. Application Security Engineers
  3. Info Security professionals (CISO) 
  4. Modern application vendors

Webinar
August 27th at 11 am PST / 2 pm EST

Cloud Security: 
From Infrastructure 
to Applications

Webinar 
August 27th at 11 am PST /  2 pm EST

Cloud Security: From Infrastructure to Applications

Web application is one of the top three attack patterns and the number one source of data breach for financial services firms.

2019 Data Breach Investigations Report, Verizon, April 2019

Share:

Frank Kim

Fellow and former CISO, SANS Institute

Frank is a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest-growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of popular leadership and cloud security courses and serves as an advisor to emerging security companies, including Wallarm.

Sign Up for Webinar

☝️Limited seats available

Wallarm protects hundreds of Hi-Tech Companies globally

Day in life of Security and DevOps teams

Unlike default cloud WAFs, Wallarm automates protection for apps and APIs with no manual tuning and investments into ongoing maintenance, allowing the team to focus on different tasks. It scales. It works.

  • Every Thursday morning, after an application update, Joanna starts by making sure that security rules are updated to match the updated APIs.
    It's a common occurrence when an app update causes new false positives. Joanna receives complains from the support and DevOps teams regarding WAF blocking.

  • It is an often situation when an app update cause new false positives. Joanna receives complains from the support and DevOps teams regarding WAF blocking.

  • Joanna's team temporarily turns off protection and manually verifies which rule triggered blocking of legitimate users.

  • When the rules are updated, Joanna works with the DevOps manager to ensure an updated ACL will no longer disrupt application operation.

Day-in-the-life before our product

Day-in-the-life after Wallarm

  • Wallarm's WAF is installed instead of the AWS WAF to better protect applications and APIs.

  • Joanna's team no longer needs to update security rules as Wallarm doesn't require manual tuning.

  • Individual API calls with malicious requests are blocked without disrupting operation of the application for the rest of the IP address in the similar locale.

  • All attacks are automatically verified to see if there's any potential of exposed security issues.

Watch a webinarDownload Demo DeckWatch a webinarDownload Demo Deck